Charity

Big news last week about CASL (Canada’s anti-spam legislation) – the right of private action, which was scheduled to come into effect on July 1st, was indefinitely delayed by an Order-in-Council issued by the Federal Government on June 7.

This is a relief for every organization, whether for-profit, non-profit, orcharitable. The right of private action was generally being met with dread – it allowed for private litigants to sue for any breach of specific sections of CASL and to claim for significant damages. Those damages included statutory damages of up to $1 million per day for violations.

Enforcement activity since 2014

However, this development doesn’t mean that CASL is toothless. Far from it. Fines under CASL are a maximum of $10 million per violation for businesses/organizations. That’s huge.

I attended an update on CASL put on by the CRTC for the Ontario Bar Association in mid-May. There has been a lot of activity around CASL enforcement since CASL came into effect 3 years ago (July 1, 2014). Here are a few tidbits that I learned about:

In lieu of prosecutions, the CRTC tends to pursue “undertakings” when an investigated complaint reveals an apparent violation of CASL

These undertakings require the offender to implement a robust compliance program

Undertakings are accompanied by a reparation payment (in lieu of a fine/penalty)

These reparation payments are substantial:

Porter $150K

Rogers $200K

Kellogg’s $60K

Blackstone $50K

William Rapanos (individual) $15K

Compu-Finder $1.1M (being contested)

The ability of the offender to pay is taken into account as one of the factors in determining an appropriate payment. For example, Blackstone is a small business, resulting in a significantly reduced penalty. Still, $50K is a huge amount for any small business to pay.

Deemed implied consent – 3-year grace period ends July 1

Remember, CASL requires that your organization have consent (express or in some cases implied) when sending commercial electronic messages (CEMs). (To be “commercial”, the email/text must be trying to get people to buy a product or service.)

There was a 3-year grace period in which organizations were allowed to email current and former donors, members, volunteers and those with business relationships. That grace period ends on July 1, 2017. After that, the list of individuals to whom your organization can send CEMs is limited to a 2-year ever-refreshing window – you can only email with implied consent if you have had contact with the individual (as a donor, member, volunteer or for business purposes) for 2 years from the date of that contact.

How to be CASL compliant

What also became evident is that your organization needs to have a CASL policy, undertake and update CASL training of all staff, and monitor CASL compliance. If your organization becomes the subject of a complaint/investigation about CASL, you need to demonstrate good record-keeping – i.e., keeping screenshots of subscribes to newsletter lists and emails containing express consent to receive CEMs.

The CRTC update also offered these additional bits of information:

Non-profits are “not bubbling to the top” of the enforcement radar, which is good news for the health sector

Sending a survey is not a CEM.

The CRTC’s slides were available to attendees. If anyone is interested in receiving a copy, please let me know.

DDO’s CASL Toolkit for the non-profit and charitable sectors

DDO Health law published a “CASL – Anti-Spam Toolkit” in June 2014 targeted at assisting non-profit and charitable organizations to become CASL compliant. Copies are available for purchase – please contact me if interested.

Caution: This is for general information purposes only and is not an official version. These changes are not yet law and there may be further future amendments. Please contact us if you have questions.

The privacy practices of health care organizations are under increasing scrutiny from patients (and their families), the courts, the media and the regulator, the Information and Privacy Commissioner of Ontario (IPC/O). As Privacy Officer, it is your job to ensure your organization is compliant with privacy laws and IPC/O guidelines. Whether you are new to the Privacy Officer role or are a seasoned privacy professional, you may wonder whether you have the latest information to do your job properly. You may have already discovered that it is not enough to know the technicalities of the law; it is also important that you understand the spirit of the legislation and how to apply the law to specific and sometimes difficult situations.

This is the only course of its kind in Canada.

This course will give you confidence in your role by giving you the information and skills you need to succeed as a Privacy Officer.

You receive:

20 hours of intensive instruction from leading legal educators in the field

3 full day sessions each available in person in downtown Toronto or via webcast

Reassurance that you have the most current information on privacy practices and expectations for health care organizations

Answer: nothing. We’re in limbo. Back in September, the Ontario government announced that ONCA would be further delayed, indefinitely. The announcement reassured that the government remains committed to bringing in ONCA “at the earliest opportunity”, but it did not identify a planned (or even anticipated) proclamation date. Instead, it promised the sector at least 24 months’ prior notice of ONCA coming into force and effect.

There have been no developments or updates since September. Practically speaking, the earliest we can hope to see ONCA come into effect is Spring 2018.

Everyone in the not-for-profit sector is eager to take advantage of ONCA, which will bring the sector participants into the 21st century. Yes, there will be preliminary effort and resources needed to transition under ONCA – particularly applying for Articles of Amendment (which will amend the existing Letters Patent) and updating your organization’s by-laws. But there’s a 3-year window to do that, so no urgent action will be required on the day ONCA comes into effect.

What we are looking forward to:

Once a not-for-profit corporation is transitioned under ONCA, member relations will be much easier. ONCA facilitates electronic communication with members and the holding of electronic member meetings.

ONCA allows the Board itself to appoint directors to the Board, on an annual basis, up to a threshold number. This could be a very valuable tool, allowing the Board to supplement its skill sets on an annual basis, as its priorities and objectives change.

ONCA allows the Board much more flexibility in delegating decision-making down to Board committees. This needs to be managed thoughtfully, but a stronger committee structure can allow the Board to focus its attention on the most strategically challenging decisions it faces.

ONCA offers not-for-profit boards comfort that, should they take actions that are inadvertently or technically off-side their articles of by-laws, those actions are nevertheless valid. Business corporations have enjoyed this reassurance for decades.

Areas of ongoing concern:

There is unease about the provisions of ONCA that give non-voting members voting rights in specific circumstances: g., amendments to rights attached to a group of members, amalgamation, and the sale of substantially all of the corporation’s property. The Ontario government previously proposed (via 2013’s Bill 85) that those provisions would be delayed for a further 3 years after ONCA comes into force, presumably to give the government and sector further opportunities to consider the appropriateness of this scheme for the sector. We will be watching to see if similar amendments to ONCA are introduced and passed by the Ontario government before ONCA comes into force.

Are you waiting for ONCA to update your by-laws? Please don’t.

In chatting with a number of our not-for-profit clients, I’ve learned that many organizations that typically review their by-laws every 3 to 5 years – a good governance practice – have put that project on hold, waiting for ONCA. Some haven’t touched their by-laws since 2010, when ONCA was passed by the Legislature. Those by-laws are now at least 6 years stale, and in real need of some fresh eyes.

Reviewing and refreshing your organization’s by-laws should not be put on hold. Best governance practices evolve. Your governance structure changes. Your by-laws are a governance and business critical legal document. They need nurturing and care from time to time.

Don’t by like Lucky and Pozzo (that’s a Waiting for Godot reference) – stop waiting and be proactive. Task your board’s Governance Committee with a full by-law review, if such a review hasn’t happened in the last 3 to 5 years.